Passwords are burdensome to enter, odious to memorize, and hard to use in a public environment where a malicious actor may be able to detect the sequence of typed keys. Some systems authenticate users based on detection of biometric characteristics, such as fingerprint authentication, iris authentication, face authentication, or voice authentication. However, considered independently, each of these different types of authentication mechanisms are capable of being spoofed in order to gain access to the system. For example, fingerprints can be scanned and reprinted, static faces can be photographed or scanned and reprinted by a 3D printer, voices can be recorded and replayed with an audio recorder, and irises can be photographed.
Further, these spoofing techniques can be utilized in combination in order to gain access to systems that require multiple steps of verification. Consider, for example, a system that authenticates the user based on both fingerprint characteristics and facial characteristics. In this example, even though two step authentication is required, an unauthorized user could still gain access to the system using both a scanned and reprinted fingerprint and a 3D model of the user's face.
While the use of face recognition systems is becoming more prevalent, these systems remain vulnerable to spoofing attacks. For example, some traditional face recognition systems operate by extracting pose-invariant features pertaining to a user's face, such as the pose-invariant distances between various landmarks on the user's face. There remains a risk that a malicious actor can gain access to protected resources by presenting a photograph or three-dimensional bust to such a face recognition system, where that photograph or bust duplicates the appearance of an authorized user. The industry has countered this threat by using various liveness tests for discriminating between a live human user and a simulation thereof. But it remains at least theoretically possible for a malicious actor to spoof even these liveness tests. For example, if a recognition system makes verification conditional on the user performing successive actions, a malicious actor can successively present photographs or busts which provide static “snapshots” of these actions.